PT-2022-37674 · Palo Alto Networks · Cortex Xdr Agent

Уязвимость средства анализа сетевого трафика, сетевого обнаружения и реагирования Cortex XDR Agent связана с ошибками в коде. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании системных служб Windows...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

JVN#23766146: Passage Drive vulnerable to insufficient data verification

Passage Drive provided by Yokogawa Rental & Lease Corporation contains an insufficient data verification vulnerability for interprocess communication CWE-20. Impact By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the...

SUSE: Security Advisory (SUSE-SU-2022:2174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-34006

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT...

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

At the end of May, researchers from the naosec team reported a new zero-day vulnerability in Microsoft Support Diagnostic Tool MSDT that can be exploited using Microsoft Office documents. It allowed attackers to remotely execute code on Windows systems, while the victim could not even open the...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 （CVE-2022-26134）an unauthenticated and remote O...

This New Fileless Malware Hides Shellcode in Windows Event Logs

A new malicious campaign has been spotted taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild. "It allows the 'fileless' last stage trojan to be hidden from plain sight in the file system," Kaspersky researcher Denis Legezo said in a technical write-...

CVE-2022-28005

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

CVE-2022-27636

CVE-2022-27636 is a logging vulnerability in F5 BIG-IP APM Edge Client for Windows where sensitive APM session information can be written to logs when VPN is launched. The connected F5 advisory K57110035 confirms affected products and provides fixed versions: BIG-IP APM (16.1.2.2; 16.x), (15.1.5....

PT-2022-3141 · Microsoft · Windows Encrypting File System +1

Name of the Vulnerable Software and Affected Versions: Windows Encrypting File System EFS affected versions not specified Description: The issue is related to insufficient input validation in the Windows Encrypting File System EFS, which can be exploited by a remote attacker to execute arbitrary...

Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

Overview Prior to version 5.14, Qt hard-codes the qtprfxpath value to a fixed value, which may lead to privilege escalation vulnerabilities in Windows software that uses Qt. Description Prior to version 5.14, Qt hard-codes the qtprfxpath value to a value that reflects the path where Qt exists on...

Trojan-Downloader.Win32.Agent Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/fb3ac3c9d808de7f4b5ede68715f658f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Agent Vulnerability: Insecure Permissions Description: The malware writes a ...

The vulnerability in the implementation of the Windows SMB network protocol of the Microsoft operating system allows a perpetrator to disclose protected information.

The vulnerability of the Windows SMB network protocol implementation in Microsoft Windows is related to information disclosure. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Windows System Launcher component of the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows System Launcher component of the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

CVE-2022-21866

Windows System Launcher Elevation of Privilege Vulnerability...

CVE-2022-21866

Windows System Launcher Elevation of Privilege Vulnerability...

CVE-2022-21866

Windows System Launcher Elevation of Privilege Vulnerability...

CVE-2022-21848

Windows Internet Key Exchange IKE Extension Denial of Service Vulnerability...